<?php

function process_login(){



	$username = secure($_POST['username']);
	$password = secure($_POST['password']);
	
	echo $username;
	
	//make sure the fields arn't empty
	if (!$username | !$password) {
	
	echo 'You left a field empty';
	
	} else {
	
	//make sure the user exists
	$user = mysql_query("SELECT * FROM `users` WHERE username = '$username'");
	
	if( ($usez = mysql_num_rows($user) ) == 0)
					{
						echo 'user doesnt exist';
					} else {
	//Encrypt the password to check with the encrypted one currently in the database
$encpass = sha1( SALT . $password );

//Find the user
$superquery = mysql_query("SELECT * FROM `users` WHERE username = '$username' AND password = '$encpass'");


if (mysql_num_rows($superquery) == 1){

	//If the user is found, set the cookies
	
	setcookie("username", $username, $cookieTime);
	setcookie("password", $encpass, $cookieTime);
	
		header ( "Location: $siteurl");

	
	}else{
	
	echo 'Failure';
	
}
}
}



}


function login_form(){
echo '
<form method="post" action="index.php?action=login">

	<b>Username:</b><input type="text" name="username"><br />
	<b>Password:</b><input type="password" name="password"><br />
	
	<input type="submit" name="login" value="Login">
</form>';

}

function process_logout(){


setcookie ("username", "", time() - 3600);
setcookie ("password", "", time() - 3600);

		header ( "Location: $siteurl");


}




?>